extensions_cust.c@ 94081

Last change on this file since 94081 was 91772, checked in by vboxsync, 3 years ago
openssl-1.1.1l: Applied and adjusted our OpenSSL changes to 1.1.1l. bugref:10126
File size: 17.8 KB

Line
1	/*
2	* Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.
3	*
4	* Licensed under the OpenSSL license (the "License"). You may not use
5	* this file except in compliance with the License. You can obtain a copy
6	* in the file LICENSE in the source distribution or at
7	* https://www.openssl.org/source/license.html
8	*/
9
10	/* Custom extension utility functions */
11
12	#include <openssl/ct.h>
13	#include "../ssl_local.h"
14	#include "internal/cryptlib.h"
15	#include "statem_local.h"
16
17	typedef struct {
18	void *add_arg;
19	custom_ext_add_cb add_cb;
20	custom_ext_free_cb free_cb;
21	} custom_ext_add_cb_wrap;
22
23	typedef struct {
24	void *parse_arg;
25	custom_ext_parse_cb parse_cb;
26	} custom_ext_parse_cb_wrap;
27
28	/*
29	* Provide thin wrapper callbacks which convert new style arguments to old style
30	*/
31	static int custom_ext_add_old_cb_wrap(SSL *s, unsigned int ext_type,
32	unsigned int context,
33	const unsigned char **out,
34	size_t outlen, X509 x, size_t chainidx,
35	int al, void add_arg)
36	{
37	custom_ext_add_cb_wrap add_cb_wrap = (custom_ext_add_cb_wrap )add_arg;
38
39	if (add_cb_wrap->add_cb == NULL)
40	return 1;
41
42	return add_cb_wrap->add_cb(s, ext_type, out, outlen, al,
43	add_cb_wrap->add_arg);
44	}
45
46	static void custom_ext_free_old_cb_wrap(SSL *s, unsigned int ext_type,
47	unsigned int context,
48	const unsigned char out, void add_arg)
49	{
50	custom_ext_add_cb_wrap add_cb_wrap = (custom_ext_add_cb_wrap )add_arg;
51
52	if (add_cb_wrap->free_cb == NULL)
53	return;
54
55	add_cb_wrap->free_cb(s, ext_type, out, add_cb_wrap->add_arg);
56	}
57
58	static int custom_ext_parse_old_cb_wrap(SSL *s, unsigned int ext_type,
59	unsigned int context,
60	const unsigned char *in,
61	size_t inlen, X509 *x, size_t chainidx,
62	int al, void parse_arg)
63	{
64	custom_ext_parse_cb_wrap *parse_cb_wrap =
65	(custom_ext_parse_cb_wrap *)parse_arg;
66
67	if (parse_cb_wrap->parse_cb == NULL)
68	return 1;
69
70	return parse_cb_wrap->parse_cb(s, ext_type, in, inlen, al,
71	parse_cb_wrap->parse_arg);
72	}
73
74	/*
75	* Find a custom extension from the list. The \|role\| param is there to
76	* support the legacy API where custom extensions for client and server could
77	* be set independently on the same SSL_CTX. It is set to ENDPOINT_SERVER if we
78	* are trying to find a method relevant to the server, ENDPOINT_CLIENT for the
79	* client, or ENDPOINT_BOTH for either
80	*/
81	custom_ext_method custom_ext_find(const custom_ext_methods exts,
82	ENDPOINT role, unsigned int ext_type,
83	size_t *idx)
84	{
85	size_t i;
86	custom_ext_method *meth = exts->meths;
87
88	for (i = 0; i < exts->meths_count; i++, meth++) {
89	if (ext_type == meth->ext_type
90	&& (role == ENDPOINT_BOTH \|\| role == meth->role
91	\|\| meth->role == ENDPOINT_BOTH)) {
92	if (idx != NULL)
93	*idx = i;
94	return meth;
95	}
96	}
97	return NULL;
98	}
99
100	/*
101	* Initialise custom extensions flags to indicate neither sent nor received.
102	*/
103	void custom_ext_init(custom_ext_methods *exts)
104	{
105	size_t i;
106	custom_ext_method *meth = exts->meths;
107
108	for (i = 0; i < exts->meths_count; i++, meth++)
109	meth->ext_flags = 0;
110	}
111
112	/* Pass received custom extension data to the application for parsing. */
113	int custom_ext_parse(SSL *s, unsigned int context, unsigned int ext_type,
114	const unsigned char ext_data, size_t ext_size, X509 x,
115	size_t chainidx)
116	{
117	int al;
118	custom_ext_methods *exts = &s->cert->custext;
119	custom_ext_method *meth;
120	ENDPOINT role = ENDPOINT_BOTH;
121
122	if ((context & (SSL_EXT_CLIENT_HELLO \| SSL_EXT_TLS1_2_SERVER_HELLO)) != 0)
123	role = s->server ? ENDPOINT_SERVER : ENDPOINT_CLIENT;
124
125	meth = custom_ext_find(exts, role, ext_type, NULL);
126	/* If not found return success */
127	if (!meth)
128	return 1;
129
130	/* Check if extension is defined for our protocol. If not, skip */
131	if (!extension_is_relevant(s, meth->context, context))
132	return 1;
133
134	if ((context & (SSL_EXT_TLS1_2_SERVER_HELLO
135	\| SSL_EXT_TLS1_3_SERVER_HELLO
136	\| SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS)) != 0) {
137	/*
138	* If it's ServerHello or EncryptedExtensions we can't have any
139	* extensions not sent in ClientHello.
140	*/
141	if ((meth->ext_flags & SSL_EXT_FLAG_SENT) == 0) {
142	SSLfatal(s, TLS1_AD_UNSUPPORTED_EXTENSION, SSL_F_CUSTOM_EXT_PARSE,
143	SSL_R_BAD_EXTENSION);
144	return 0;
145	}
146	}
147
148	/*
149	* Extensions received in the ClientHello are marked with the
150	* SSL_EXT_FLAG_RECEIVED. This is so we know to add the equivalent
151	* extensions in the ServerHello/EncryptedExtensions message
152	*/
153	if ((context & SSL_EXT_CLIENT_HELLO) != 0)
154	meth->ext_flags \|= SSL_EXT_FLAG_RECEIVED;
155
156	/* If no parse function set return success */
157	if (!meth->parse_cb)
158	return 1;
159
160	if (meth->parse_cb(s, ext_type, context, ext_data, ext_size, x, chainidx,
161	&al, meth->parse_arg) <= 0) {
162	SSLfatal(s, al, SSL_F_CUSTOM_EXT_PARSE, SSL_R_BAD_EXTENSION);
163	return 0;
164	}
165
166	return 1;
167	}
168
169	/*
170	* Request custom extension data from the application and add to the return
171	* buffer.
172	*/
173	int custom_ext_add(SSL s, int context, WPACKET pkt, X509 *x, size_t chainidx,
174	int maxversion)
175	{
176	custom_ext_methods *exts = &s->cert->custext;
177	custom_ext_method *meth;
178	size_t i;
179	int al;
180
181	for (i = 0; i < exts->meths_count; i++) {
182	const unsigned char *out = NULL;
183	size_t outlen = 0;
184
185	meth = exts->meths + i;
186
187	if (!should_add_extension(s, meth->context, context, maxversion))
188	continue;
189
190	if ((context & (SSL_EXT_TLS1_2_SERVER_HELLO
191	\| SSL_EXT_TLS1_3_SERVER_HELLO
192	\| SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS
193	\| SSL_EXT_TLS1_3_CERTIFICATE
194	\| SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST)) != 0) {
195	/* Only send extensions present in ClientHello. */
196	if (!(meth->ext_flags & SSL_EXT_FLAG_RECEIVED))
197	continue;
198	}
199	/*
200	* We skip it if the callback is absent - except for a ClientHello where
201	* we add an empty extension.
202	*/
203	if ((context & SSL_EXT_CLIENT_HELLO) == 0 && meth->add_cb == NULL)
204	continue;
205
206	if (meth->add_cb != NULL) {
207	int cb_retval = meth->add_cb(s, meth->ext_type, context, &out,
208	&outlen, x, chainidx, &al,
209	meth->add_arg);
210
211	if (cb_retval < 0) {
212	SSLfatal(s, al, SSL_F_CUSTOM_EXT_ADD, SSL_R_CALLBACK_FAILED);
213	return 0; /* error */
214	}
215	if (cb_retval == 0)
216	continue; /* skip this extension */
217	}
218
219	if (!WPACKET_put_bytes_u16(pkt, meth->ext_type)
220	\|\| !WPACKET_start_sub_packet_u16(pkt)
221	\|\| (outlen > 0 && !WPACKET_memcpy(pkt, out, outlen))
222	\|\| !WPACKET_close(pkt)) {
223	SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_CUSTOM_EXT_ADD,
224	ERR_R_INTERNAL_ERROR);
225	return 0;
226	}
227	if ((context & SSL_EXT_CLIENT_HELLO) != 0) {
228	/*
229	* We can't send duplicates: code logic should prevent this.
230	*/
231	if (!ossl_assert((meth->ext_flags & SSL_EXT_FLAG_SENT) == 0)) {
232	SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_CUSTOM_EXT_ADD,
233	ERR_R_INTERNAL_ERROR);
234	return 0;
235	}
236	/*
237	* Indicate extension has been sent: this is both a sanity check to
238	* ensure we don't send duplicate extensions and indicates that it
239	* is not an error if the extension is present in ServerHello.
240	*/
241	meth->ext_flags \|= SSL_EXT_FLAG_SENT;
242	}
243	if (meth->free_cb != NULL)
244	meth->free_cb(s, meth->ext_type, context, out, meth->add_arg);
245	}
246	return 1;
247	}
248
249	/* Copy the flags from src to dst for any extensions that exist in both */
250	int custom_exts_copy_flags(custom_ext_methods *dst,
251	const custom_ext_methods *src)
252	{
253	size_t i;
254	custom_ext_method *methsrc = src->meths;
255
256	for (i = 0; i < src->meths_count; i++, methsrc++) {
257	custom_ext_method *methdst = custom_ext_find(dst, methsrc->role,
258	methsrc->ext_type, NULL);
259
260	if (methdst == NULL)
261	continue;
262
263	methdst->ext_flags = methsrc->ext_flags;
264	}
265
266	return 1;
267	}
268
269	/* Copy table of custom extensions */
270	int custom_exts_copy(custom_ext_methods dst, const custom_ext_methods src)
271	{
272	size_t i;
273	int err = 0;
274
275	if (src->meths_count > 0) {
276	dst->meths =
277	OPENSSL_memdup(src->meths,
278	sizeof(src->meths) src->meths_count);
279	if (dst->meths == NULL)
280	return 0;
281	dst->meths_count = src->meths_count;
282
283	for (i = 0; i < src->meths_count; i++) {
284	custom_ext_method *methsrc = src->meths + i;
285	custom_ext_method *methdst = dst->meths + i;
286
287	if (methsrc->add_cb != custom_ext_add_old_cb_wrap)
288	continue;
289
290	/*
291	* We have found an old style API wrapper. We need to copy the
292	* arguments too.
293	*/
294
295	if (err) {
296	methdst->add_arg = NULL;
297	methdst->parse_arg = NULL;
298	continue;
299	}
300
301	methdst->add_arg = OPENSSL_memdup(methsrc->add_arg,
302	sizeof(custom_ext_add_cb_wrap));
303	methdst->parse_arg = OPENSSL_memdup(methsrc->parse_arg,
304	sizeof(custom_ext_parse_cb_wrap));
305
306	if (methdst->add_arg == NULL \|\| methdst->parse_arg == NULL)
307	err = 1;
308	}
309	}
310
311	if (err) {
312	custom_exts_free(dst);
313	return 0;
314	}
315
316	return 1;
317	}
318
319	void custom_exts_free(custom_ext_methods *exts)
320	{
321	size_t i;
322	custom_ext_method *meth;
323
324	for (i = 0, meth = exts->meths; i < exts->meths_count; i++, meth++) {
325	if (meth->add_cb != custom_ext_add_old_cb_wrap)
326	continue;
327
328	/* Old style API wrapper. Need to free the arguments too */
329	OPENSSL_free(meth->add_arg);
330	OPENSSL_free(meth->parse_arg);
331	}
332	OPENSSL_free(exts->meths);
333	}
334
335	/* Return true if a client custom extension exists, false otherwise */
336	int SSL_CTX_has_client_custom_ext(const SSL_CTX *ctx, unsigned int ext_type)
337	{
338	return custom_ext_find(&ctx->cert->custext, ENDPOINT_CLIENT, ext_type,
339	NULL) != NULL;
340	}
341
342	static int add_custom_ext_intern(SSL_CTX *ctx, ENDPOINT role,
343	unsigned int ext_type,
344	unsigned int context,
345	SSL_custom_ext_add_cb_ex add_cb,
346	SSL_custom_ext_free_cb_ex free_cb,
347	void *add_arg,
348	SSL_custom_ext_parse_cb_ex parse_cb,
349	void *parse_arg)
350	{
351	custom_ext_methods *exts = &ctx->cert->custext;
352	custom_ext_method meth, tmp;
353
354	/*
355	* Check application error: if add_cb is not set free_cb will never be
356	* called.
357	*/
358	if (add_cb == NULL && free_cb != NULL)
359	return 0;
360
361	#ifndef OPENSSL_NO_CT
362	/*
363	* We don't want applications registering callbacks for SCT extensions
364	* whilst simultaneously using the built-in SCT validation features, as
365	* these two things may not play well together.
366	*/
367	if (ext_type == TLSEXT_TYPE_signed_certificate_timestamp
368	&& (context & SSL_EXT_CLIENT_HELLO) != 0
369	&& SSL_CTX_ct_is_enabled(ctx))
370	return 0;
371	#endif
372
373	/*
374	* Don't add if extension supported internally, but make exception
375	* for extension types that previously were not supported, but now are.
376	*/
377	if (SSL_extension_supported(ext_type)
378	&& ext_type != TLSEXT_TYPE_signed_certificate_timestamp)
379	return 0;
380
381	/* Extension type must fit in 16 bits */
382	if (ext_type > 0xffff)
383	return 0;
384	/* Search for duplicate */
385	if (custom_ext_find(exts, role, ext_type, NULL))
386	return 0;
387	tmp = OPENSSL_realloc(exts->meths,
388	(exts->meths_count + 1) * sizeof(custom_ext_method));
389	if (tmp == NULL)
390	return 0;
391
392	exts->meths = tmp;
393	meth = exts->meths + exts->meths_count;
394	memset(meth, 0, sizeof(*meth));
395	meth->role = role;
396	meth->context = context;
397	meth->parse_cb = parse_cb;
398	meth->add_cb = add_cb;
399	meth->free_cb = free_cb;
400	meth->ext_type = ext_type;
401	meth->add_arg = add_arg;
402	meth->parse_arg = parse_arg;
403	exts->meths_count++;
404	return 1;
405	}
406
407	static int add_old_custom_ext(SSL_CTX *ctx, ENDPOINT role,
408	unsigned int ext_type,
409	unsigned int context,
410	custom_ext_add_cb add_cb,
411	custom_ext_free_cb free_cb,
412	void *add_arg,
413	custom_ext_parse_cb parse_cb, void *parse_arg)
414	{
415	custom_ext_add_cb_wrap *add_cb_wrap
416	= OPENSSL_malloc(sizeof(*add_cb_wrap));
417	custom_ext_parse_cb_wrap *parse_cb_wrap
418	= OPENSSL_malloc(sizeof(*parse_cb_wrap));
419	int ret;
420
421	if (add_cb_wrap == NULL \|\| parse_cb_wrap == NULL) {
422	OPENSSL_free(add_cb_wrap);
423	OPENSSL_free(parse_cb_wrap);
424	return 0;
425	}
426
427	add_cb_wrap->add_arg = add_arg;
428	add_cb_wrap->add_cb = add_cb;
429	add_cb_wrap->free_cb = free_cb;
430	parse_cb_wrap->parse_arg = parse_arg;
431	parse_cb_wrap->parse_cb = parse_cb;
432
433	ret = add_custom_ext_intern(ctx, role, ext_type,
434	context,
435	custom_ext_add_old_cb_wrap,
436	custom_ext_free_old_cb_wrap,
437	add_cb_wrap,
438	custom_ext_parse_old_cb_wrap,
439	parse_cb_wrap);
440
441	if (!ret) {
442	OPENSSL_free(add_cb_wrap);
443	OPENSSL_free(parse_cb_wrap);
444	}
445
446	return ret;
447	}
448
449	/* Application level functions to add the old custom extension callbacks */
450	int SSL_CTX_add_client_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
451	custom_ext_add_cb add_cb,
452	custom_ext_free_cb free_cb,
453	void *add_arg,
454	custom_ext_parse_cb parse_cb, void *parse_arg)
455	{
456	return add_old_custom_ext(ctx, ENDPOINT_CLIENT, ext_type,
457	SSL_EXT_TLS1_2_AND_BELOW_ONLY
458	\| SSL_EXT_CLIENT_HELLO
459	\| SSL_EXT_TLS1_2_SERVER_HELLO
460	\| SSL_EXT_IGNORE_ON_RESUMPTION,
461	add_cb, free_cb, add_arg, parse_cb, parse_arg);
462	}
463
464	int SSL_CTX_add_server_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
465	custom_ext_add_cb add_cb,
466	custom_ext_free_cb free_cb,
467	void *add_arg,
468	custom_ext_parse_cb parse_cb, void *parse_arg)
469	{
470	return add_old_custom_ext(ctx, ENDPOINT_SERVER, ext_type,
471	SSL_EXT_TLS1_2_AND_BELOW_ONLY
472	\| SSL_EXT_CLIENT_HELLO
473	\| SSL_EXT_TLS1_2_SERVER_HELLO
474	\| SSL_EXT_IGNORE_ON_RESUMPTION,
475	add_cb, free_cb, add_arg, parse_cb, parse_arg);
476	}
477
478	int SSL_CTX_add_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
479	unsigned int context,
480	SSL_custom_ext_add_cb_ex add_cb,
481	SSL_custom_ext_free_cb_ex free_cb,
482	void *add_arg,
483	SSL_custom_ext_parse_cb_ex parse_cb, void *parse_arg)
484	{
485	return add_custom_ext_intern(ctx, ENDPOINT_BOTH, ext_type, context, add_cb,
486	free_cb, add_arg, parse_cb, parse_arg);
487	}
488
489	int SSL_extension_supported(unsigned int ext_type)
490	{
491	switch (ext_type) {
492	/* Internally supported extensions. */
493	case TLSEXT_TYPE_application_layer_protocol_negotiation:
494	#ifndef OPENSSL_NO_EC
495	case TLSEXT_TYPE_ec_point_formats:
496	case TLSEXT_TYPE_supported_groups:
497	case TLSEXT_TYPE_key_share:
498	#endif
499	#ifndef OPENSSL_NO_NEXTPROTONEG
500	case TLSEXT_TYPE_next_proto_neg:
501	#endif
502	case TLSEXT_TYPE_padding:
503	case TLSEXT_TYPE_renegotiate:
504	case TLSEXT_TYPE_max_fragment_length:
505	case TLSEXT_TYPE_server_name:
506	case TLSEXT_TYPE_session_ticket:
507	case TLSEXT_TYPE_signature_algorithms:
508	#ifndef OPENSSL_NO_SRP
509	case TLSEXT_TYPE_srp:
510	#endif
511	#ifndef OPENSSL_NO_OCSP
512	case TLSEXT_TYPE_status_request:
513	#endif
514	#ifndef OPENSSL_NO_CT
515	case TLSEXT_TYPE_signed_certificate_timestamp:
516	#endif
517	#ifndef OPENSSL_NO_SRTP
518	case TLSEXT_TYPE_use_srtp:
519	#endif
520	case TLSEXT_TYPE_encrypt_then_mac:
521	case TLSEXT_TYPE_supported_versions:
522	case TLSEXT_TYPE_extended_master_secret:
523	case TLSEXT_TYPE_psk_kex_modes:
524	case TLSEXT_TYPE_cookie:
525	case TLSEXT_TYPE_early_data:
526	case TLSEXT_TYPE_certificate_authorities:
527	case TLSEXT_TYPE_psk:
528	case TLSEXT_TYPE_post_handshake_auth:
529	return 1;
530	default:
531	return 0;
532	}
533	}

Note: See TracBrowser for help on using the repository browser.

source: vbox/trunk/src/libs/openssl-3.0.1/ssl/statem/extensions_cust.c@ 94081

Download in other formats: